CNNVD-202512-669 Information
Dec 05, 2025
cve
CNNVD ID
CNNVD-202512-669
Related CVE
- CNNVD Published: 2025-12-05
Description (Chinese)
zdh_web是zhaoyachao个人开发者的一个大数据采集,抽取平台。 zdh_web 5.6.17及之前版本存在安全漏洞,该漏洞源于文件上传路径验证不足,可能导致认证用户写入任意文件。
Description (English)
zdh web is a large data collection and extraction platform for zhaoyachao personal developers. There is a security loophole in the zdh web5.6.17 and earlier versions, which stems from insufficient authentication of the file upload path, which may result in the authentication user writing into any file.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-12-05
Last Modified
2026-02-24
References
https://github.com/zhaoyachao/zdh_web https://github.com/zhaoyachao/zdh_web/pull/39 https://github.com/zhaoyachao/zdh_web/commit/b2423378a8bf83f159f19ce4e14eac71c939793a https://github.com/zhaoyachao/zdh_web/issues/40 https://access.redhat.com/security/cve/cve-2025-65897
Share on: